Veo Zhang

Sex sells, and nowhere is that more true than the Chinese mobile landscape. Porn-themed malware has been hitting Android users in China, Japan, and Taiwan in recent weeks.

These malicious apps are distributed via SEO-optimized fake websites, with keywords targeting hot scandals and affairs used. These sites pretend to be porn video websites, and all lead to various malicious apps being downloaded.

Following news that iOS devices are at risk of spyware related to the Hacking Team, the saga continues into the Android sphere. We found that among the leaked files is the code for Hacking Team’s open-source malware suite RCSAndroid (Remote Control System Android), which was sold by the company as a tool for monitoring targets….

A new breed of cybercriminals has surfaced in China. They are bolder and more reckless than their more experienced veteran counterparts. All born in the 90s, these neophytes are not afraid to get caught, carelessly leaving a trail of traceable contact details online. They find and share readily available code and use those to make their…

Recently, we have noticed large numbers of repackaged Android apps showing up in Chinese app stores. While these apps pretend to be “free”, in the end they cost the users time and money: they are either shown various ads or they are subscribed to various premium SMS numbers. (Note that these apps were not found in…

We recently encountered a high-risk Android app detected as ANDROIDOS_STIP.A in Chile. This app, found distributed through forums and blogs, can be used to hack into the user’s RFID bus transit card to recharge the credits. What is the mechanism behind this, and what is the security risk of RFID payment cards in general? Paying via…